General
-
Target
3020-2-0x0000000000460000-0x0000000000472000-memory.dmp
-
Size
72KB
-
MD5
5c763f2013aa6eec01710553a3956533
-
SHA1
e8c6c171c05df73774a48056471705d9d9307191
-
SHA256
4ad5f0107a2fbe081d769c1d166ae81c1089116bab59919c546de2212674ab91
-
SHA512
0c290c60ee32b26082bff12881847333a01480861520450f1b18017f1aa75a830e2d6fd9d960ca427bee94c32bf99ece78d184ffc9ca16193cd039dbfeb70bd2
-
SSDEEP
384:UZyHUJ1Cj8syWcWrfXE5GiXeEXME5EAftz8Iij+ZsNO3PlpJKkkjh/TzF7pWnK/N:i+UJ04pWcWrXE5ZVMEzXuXQ/oT3+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
encrypted7745.hopto.org:1177
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3020-2-0x0000000000460000-0x0000000000472000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections